pfinst.exe

The executable pfinst.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from cdn.pmdownloadcdn.com.
MD5:
03d16e17f663f91a27c1d3f2a5dcbd04

SHA-1:
4103f1968b7ad72d205d321aff4a33e2c945f352

SHA-256:
4f39e5c9156dd7da3aaea5be76d88110a82518c177b2c6ca2a977dee09e43fc0

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 3:45:46 AM UTC

Scan engine:
Reason Heuristics

Detection:
Threat.Win.Reputation.IMP

Engine version:
16.7.2.23

File size:
1.3 MB (1,390,257 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pfinst.exe

File PE Metadata
Compilation timestamp:
5/28/2015 10:08:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:ZUHd2+c302iVti/fjvivXH6lMay6fS8TFPU+NmbX/mKDJMuUv3thJ:e8u2EYfjkb8S8dY/mKDJMN9hJ

Entry address:
0x93DA6

Entry point:
E8, 5C, 7B, 01, 00, E9, 35, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, CD, BA, 4A, 00, E8, 60, 00, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, ED, CB, 4A, 00, E8, 41, 00, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 8D, 45, 10, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, 68, CD, BA, 4A, 00, E8, 23, 00, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 8D, 45, 10, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, 68, ED, CB, 4A, 00, E8, 05, 00, 00, 00, 83...

Entropy:
7.0474

Code size:
817 KB (836,608 bytes)

The file pfinst.exe has been seen being distributed by the following URL.
